pidgin MSN protocol integer overflow in slplink.c

Bug #247140 reported by Fumihito YOSHIDA
256
Affects Status Importance Assigned to Milestone
Ubuntu Japanese Kaizen Project
Triaged
Medium
Unassigned

Bug Description

see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2927

Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in
  (1) libpurple/protocols/msn/slplink.c
  (2) libpurple/protocols/msnp9/slplink.c
in Pidgin before 2.4.3 allow remote attackers to execute arbitrary code via a malformed SLP message,
a different vulnerability than CVE-2008-2955(*).

 (*) CVE-2008-2955 is unpatched (zero-day).

CVE References

Revision history for this message
Ikuya Awashiro (ikuya-fruitsbasket) wrote :

Here is the debdiff.

Revision history for this message
Ikuya Awashiro (ikuya-fruitsbasket) wrote :

Here is the newest. comment1 is wrong.

Revision history for this message
Fumihito YOSHIDA (hito) wrote :

published.

Changed in ubuntu-jp-improvement:
importance: Undecided → Medium
status: New → Triaged
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.